1. CHOReVOLUTION Enablers - WP3
Service Bus, Security and Cloud
Nikolaos Georgantas
Inria
1st Project Review
Brussels, Feb. 11, 2016

2. WP3 Overview
Duration: M1 - M30 (all tasks)
Effort: 65 PMs
Task 3.1: CHOReVOLUTION Service Bus
• Inria, Softeco, Tirasa, UDA
Task 3.2: Secured Choreographies
• THA, Softeco, Tirasa, UDA
Task 3.3: CHOReVOLUTION Cloud
• CEFRIEL, Inria, Softeco, Tirasa, UDA
11 Feb. 2016 2

3. WP3 Deliverables
! D3.1: CHOReVOLUTION Service Bus, Security and
Cloud - First outcomes (Inria) - M10
• D3.2: CHOReVOLUTION Service Bus, Security and
Cloud - Intermediate outcomes (Tirasa) - M22
• D3.3: CHOReVOLUTION Service Bus, Security and
Cloud - Final outcomes (THA) - M30
11 Feb. 2016 3

4. From modeling and synthesis
to running choreographies
11 Feb. 2016 4
Thing
choreography
mobile
sensor
mobile
service
REST
service
Web
service
!
Secure
Dynamic
Heterogeneous

5. Middleware enablers for running
choreographies
CHOReVOLUTION
Cloud
CHOReVOLUTION Service Bus
CHOReVOLUTION Security
511 Feb. 2016
Secure
Dynamic
Heterogeneous

6. CHOReVOLUTION Service Bus (VSB)
features
• Flexible, lightweight bus
• BCs employed only when necessary
• Any bus protocol
• Things as first-class entities
• Support for data stream protocols
• Automated BC synthesis
• Evolution support
Leverage
• Rely on principles, results,
lessons learned
• Completely rethink architecture
and implementation
• Interoperability for choreography peers with heterogeneous middleware
protocols
• Applies the ESB paradigm
• Protocol adaptation with Binding Components (BCs)
611 Feb. 2016

7. VSB architecture
REST
service
REST
Web
service
SOAP
Thing
CoAP
Security
Filter
SOAP
Adapter
SOAP
Coordination
Delegate
SOAP
Binding
Component
REST
Security
Filter
SOAP
SOAP
Binding
Component
SOAP CoAP
711 Feb. 2016
!

8. QoS analysis of VSB interactions
• Interactions among mobile services/Things
• Asynchronous, event & data-based
• Subject to intermittent connectivity
• We model response time with two parameters
• Lifetime of data: validity and buffering by the middleware
protocols
• Connection/disconnection behavior of data receivers
11 Feb. 2016 8

9. Design-time evaluation of response times
9
KEͬK&& ƋƵĞƵĞŝŶŐ ĐĞŶƚĞƌĚƌŽƉ ŝĨ ŶŽ
ƐƵďƐĐƌŝƉƚŝŽŶ ĞǀĞŶƚƐ ĨŽƌ ĐůĂƐƐ ŽĨĨ
ĞǀĞŶƚƐ ĨŽƌ
ĐůĂƐƐ ǀ
ďƌŽŬĞƌ ŶŽĚĞ
ŝŶ ƋƵĞƵĞŝŶŐ ĐĞŶƚĞƌ
‫ܦ‬‫݂݂݋‬
‫ܦ‬‫ݒ‬ ͬ‫ܦ‬݅݊
ߣܾ
ߣ‫ݔ‬
ߣ‫݂݂݋‬
ߣ‫ݒ‬
‫݌‬ଵ
‫݌‬ଶ
‫݌‬ଷ
‫ݏ‬ଵ
‫ݏ‬ଶ
‫ݏ‬௜
ሺܾሻďƌŽŬĞƌ ŶŽĚĞ
dž
ĚƌŽƉ ŝĨ ŶŽ
ƐƵďƐĐƌŝƉƚŝŽŶ
Ϯ
ϭ
ߣ ‫ܦ‬
ߣ
TON + TOFF
Note that the average o↵ flow is not Poisson: during the TOFF interval no new
arrive.
With respect to two-class service centers, the ON/OFF queueing center presen
vice times Dv and Do↵ are exponential, ii) the overall arrival flow v is Poisso
iii) the off class has preemptive priority over class v, namely, if an off event arriv
in service, the v event is preempted so the off event can be served immediate
observations, the following theorem exploits the PASTA property, Priority queuein
law in order to evaluate our qon/o↵.
Theorem 2. The average delay R
on/off
s for the qon/o↵ is given by:
Ron/off
s =
T2
OFF
TON + TOFF
+ Dv
TON + TOFF
TON
1 vDv
TON + TOFF
TON
Proof. In our queueing center, the off class has preemptive priority over the clas
a new arriving off event has to wait for time:
Ro↵ = Do↵ + Qo↵Do↵
where Qo↵ is the number of the off events present in the queue. The off event
events and thus, it has to wait only for preceding off events (if any). On the othe
v event has to wait for time11 Feb. 2016

10. CHOReVOLUTION Security
Ensures security of choreography interactions
• Flexible security management based on identity roles of
choreography peers
• Federation of heterogeneous security mechanisms
• Applies the above via flexible proxying mechanism for
choreography peers
1011 Feb. 2016

11. Security workflow
Client Service
Federation
Server
Security
Filter (SF)
Identity
Manager
Provide clients and services identity information (credentials,
attributes, policies)
Client request with
credentials
Validate Client credentials
Validate Client authorization
Map Client credentials with credentials required by Service
Forward request to
Service with new credentials
Policy
decision
Policy
enforcement
1111 Feb. 2016

12. CHOReVOLUTION Cloud
features
• Multiple heterogeneous cloud underlays,
unifying API
• Dynamic on-demand resource
management for QoS and evolution
• Leverages built-in features of cloud
underlays to best serve choreographies
• Top-down changes in the choreography
structure and requirements
• Bottom-up resource scaling for runtime
evolving needs
Leverage
• Reuse the Cloud Enactment
Engine
• Extend it to support dynamicity,
auto-scaling and run-time
control for choreography
adaptation
Provision of adequate, elastic resources to choreographies
1211 Feb. 2016

13. Cloud architecture
Underlying
Cloud
Layer
(OpenStack,
AWS,
Azure,
Vcloud,
…)
Cloud
API
(off-­‐the-­‐shelf)
The
cloud
API
provides
features
for
resource
control
VM
VM
VM
VM
VM
CHOReVOLUTION
Enactment
Engine
Create/release
VM
Clone/snapshot/restart
Provisioning
and
automaJon
engine
Cloud
control
engine
VM
configuraJon
Run-­‐
Jme
API
VMs
hosJng
the
choreography
RunJme
requests
from
monitoring
of
services
and
VMs
(scale,
replace,
balance,
…)
Deployment
&
control
API
Upload
choreography
Upload
deployable
services
REDIS
Choreography
status
persistence
1311 Feb. 2016
Control
funcJons
(create/stop/start
VM,
etc…)

14. OpenStack setup for CHOReVOLUTION
Cloud
OpenStack
private
cloud
infrastructure
deployed
at
CEFRIEL
premises
1411 Feb. 2016

15. Summing up
Powerful middleware enablers for heterogeneous, secure,
dynamic choreographies
Next steps
• Integrate with the modeling and synthesis enablers
• Automated BC and SF synthesis
• Full cloud deployment of CHOReVOLUTION artifacts
• Runtime QoS analysis and assurance
• At application, middleware and resource layers
• Adaptation for evolving choreographies
1511 Feb. 2016

16. Thank you